| With the development of computer network and the popularization of Internet, the security of Internet is more and more emphasized. The identity authentication is one of the most important parts of the network security, since it is the first protecting line of the network application system and it is the gateway of a secure network system. The "One-Time Password" (OTP) is an identity authentication technique, which need not the third party. The One-Time Password takes advantage of the "one time one cipher", which can keep from password detecting and transmission leaking.The technical of cryptogram which refer to this paper is discussed firstly. And the emphases of this discussion are about the elliptic curve cryptographic algorithms and authentication. And then OTP authentication technique was analyzed in this thesis and its disadvantages like that can not resist the small number attack and can not support two-way identity authentication was pointed out. Base on ECC (elliptic curve cryptosystem), a new improved one-Time Password scheme is proposed. In our improved scheme, in combination with the specialties of One-Time Password, the elliptic curve cryptographic algorithms was used to encrypt the challenging information in communication and the saving information in the server, to prevent information leaking. The two-way identity authentication is implemented and the security of the host and the users is assured, which can keep them from imitate attack, replay attack and small number attack. Further more, we add a symmetric key k used for conversation in this scheme, which make the users be able to encrypt the information transmitted on network after they have passed the mutual identity authentication. Finally the scheme has been detailed designed and accomplished.
|
PDF Full Text Request